Cyber Alert: Update your Mozilla Firefox browser
September 11th, 2019
Posted in Announcements
The European Union’s General Data Protection Regulation (GDPR) is a new privacy law that governs the use of personally identifiable information. The GDPR grants certain legal rights to people whose personal data is being collected and processed and imposes legal responsibilities on entities that control or process personal data.
Although the GDPR is not a US law, it may apply to a number of Georgetown University’s activities that involve processing, storage or management of personal information about EU residents. The law is intended to apply to entities like Georgetown that are outside of Europe, and to apply to data about persons located in Europe regardless of whether they are citizens or permanent residents of a European Union country.
In general, the GDPR covers the storage or use of personal data for University functions or activities that 1) take place in the EU; 2) involve outreach to EU residents to offer goods or services; or 3) track EU residents online or involve the control or processing of data relating to EU residents.
The GDPR takes a wide view of what constitutes personal data and includes:
A core group, including members from the Office of General Counsel, Office of Compliance and Ethics, and the University Information Security Office has formed to evaluate and plan for compliance with the GDPR. This group will be working closely with select departments across campus to ensure that we are respecting the newest elements of what’s considered personal data under GDPR.
If you have questions about the GDPR or how it may apply to your department or unit, please contact us at firstname.lastname@example.org.